package com.example.order.controller;

import lombok.extern.slf4j.Slf4j;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

/**
 * @auth 罗俊华
 * @Date 2022/3/10 10:14 下午
 */
@Slf4j
@RestController
public class OrderController  {

    /**
     * 注意：要想让资源服务器的注解生效@PreAuthorize，需要添加注解 @EnableGlobalMethodSecurity(prePostEnabled = true)
     * @return
     */
    @PreAuthorize("hasAnyAuthority('createOrder')")
    @GetMapping("/createOrder")
    public String createOrder(){

        String name = SecurityContextHolder.getContext().getAuthentication().getName();

        return name+",您刚新建了一个订单";
    }


}
